mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-09 08:16:58 +08:00
Merge branch 'min-reauth-time' into 'master'
Rename min-reauth-time to ban-time Closes #676 See merge request openconnect/ocserv!497
This commit is contained in:
Nikos Mavrogiannopoulos
4
NEWS
4
NEWS
@@ -1,6 +1,10 @@
|
||||
* Version 1.4.1 (unreleased)
|
||||
- occtl: Fix column misalignment in ban command outputs
|
||||
- Handle dotted client hostnames (e.g., .local) by stripping the domain suffix
|
||||
- Renamed `min-reauth-time` configuration option to `ban-time` to better reflect
|
||||
its purpose (#676). This option defines the duration (in seconds) for which
|
||||
an IP address is banned after exceeding the maximum allowed `max-ban-score`.
|
||||
Default is 300 seconds (5 minutes).
|
||||
|
||||
|
||||
* Version 1.4.0 (released 2026-01-04)
|
||||
|
||||
@@ -340,13 +340,9 @@ auth-timeout = 240
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
min-reauth-time = 300
|
||||
|
||||
# Banning clients in ocserv works with a point system. IP addresses
|
||||
# that get a score over that configured number are banned for
|
||||
# min-reauth-time seconds. By default a wrong password attempt is 10 points,
|
||||
# ban-time seconds. By default a wrong password attempt is 10 points,
|
||||
# a KKDCP POST is 1 point, and a connection is 1 point. Note that
|
||||
# due to different processes being involved the count of points
|
||||
# will not be real-time precise. Local subnet IPs are exempt to allow
|
||||
@@ -355,6 +351,10 @@ min-reauth-time = 300
|
||||
# Set to zero to disable.
|
||||
max-ban-score = 80
|
||||
|
||||
# The duration (in seconds) an IP address remains banned
|
||||
# after exceeding max-ban-score.
|
||||
ban-time = 300
|
||||
|
||||
# The time (in seconds) that all score kept for a client is reset.
|
||||
ban-reset-time = 1200
|
||||
|
||||
|
||||
10
src/config.c
10
src/config.c
@@ -651,6 +651,7 @@ static void apply_default_conf(vhost_cfg_st *vhost, unsigned int reload)
|
||||
vhost->perm_config.config->cookie_timeout =
|
||||
DEFAULT_COOKIE_RECON_TIMEOUT;
|
||||
vhost->perm_config.config->auth_timeout = DEFAULT_AUTH_TIMEOUT_SECS;
|
||||
vhost->perm_config.config->ban_time = DEFAULT_BAN_TIME;
|
||||
vhost->perm_config.config->ban_reset_time = DEFAULT_BAN_RESET_TIME;
|
||||
vhost->perm_config.config->max_ban_score = DEFAULT_MAX_BAN_SCORE;
|
||||
vhost->perm_config.config->ban_points_wrong_password =
|
||||
@@ -1204,9 +1205,12 @@ static int cfg_ini_handler(void *_ctx, const char *section, const char *name,
|
||||
if (!WARN_ON_VHOST(vhost->name, "max-clients", max_clients))
|
||||
READ_NUMERIC(config->max_clients);
|
||||
} else if (strcmp(name, "min-reauth-time") == 0) {
|
||||
if (!WARN_ON_VHOST(vhost->name, "min-reauth-time",
|
||||
min_reauth_time))
|
||||
READ_NUMERIC(config->min_reauth_time);
|
||||
READ_NUMERIC(config->ban_time);
|
||||
fprintf(stderr, NOTESTR
|
||||
"'min-reauth-time' was replaced by 'ban-time'\n");
|
||||
} else if (strcmp(name, "ban-time") == 0) {
|
||||
if (!WARN_ON_VHOST(vhost->name, "ban-time", ban_time))
|
||||
READ_NUMERIC(config->ban_time);
|
||||
} else if (strcmp(name, "ban-reset-time") == 0) {
|
||||
if (!WARN_ON_VHOST(vhost->name, "ban-reset-time",
|
||||
ban_reset_time))
|
||||
|
||||
@@ -130,7 +130,7 @@ static int add_ip_to_ban_list(main_server_st *s, const unsigned char *ip,
|
||||
struct ban_entry_st *e;
|
||||
ban_entry_st t;
|
||||
time_t now = time(NULL);
|
||||
time_t expiration = now + GETCONFIG(s)->min_reauth_time;
|
||||
time_t expiration = now + GETCONFIG(s)->ban_time;
|
||||
int ret = 0;
|
||||
char str_ip[MAX_IP_STR];
|
||||
const char *p_str_ip = NULL;
|
||||
|
||||
@@ -90,6 +90,7 @@ inline static const char *proto_to_str(fw_proto_t proto)
|
||||
#define DEFAULT_CONNECT_POINTS 1
|
||||
#define DEFAULT_KKDCP_POINTS 1
|
||||
#define DEFAULT_MAX_BAN_SCORE (MAX_PASSWORD_TRIES * DEFAULT_PASSWORD_POINTS)
|
||||
#define DEFAULT_BAN_TIME 300
|
||||
#define DEFAULT_BAN_RESET_TIME 300
|
||||
|
||||
#define MIN_NO_COMPRESS_LIMIT 64
|
||||
@@ -267,7 +268,7 @@ struct cfg_st {
|
||||
time_t rekey_time; /* in seconds */
|
||||
unsigned int rekey_method; /* REKEY_METHOD_ */
|
||||
|
||||
time_t min_reauth_time; /* after a failed auth, how soon one can reauthenticate -> in seconds */
|
||||
time_t ban_time; /* duration IP remains banned after hitting max_ban_score -> in seconds */
|
||||
unsigned int
|
||||
max_ban_score; /* the score allowed before a user is banned (see vpn.h) */
|
||||
int ban_reset_time;
|
||||
|
||||
@@ -77,7 +77,7 @@ int main(void)
|
||||
list_add(s->vconfig, &vhost->list);
|
||||
|
||||
vhost->perm_config.config->max_ban_score = 20;
|
||||
vhost->perm_config.config->min_reauth_time = 30;
|
||||
vhost->perm_config.config->ban_time = 30;
|
||||
|
||||
main_ban_db_init(s);
|
||||
|
||||
@@ -147,7 +147,7 @@ int main(void)
|
||||
}
|
||||
|
||||
/* check expiration of entries */
|
||||
sleep(GETCONFIG(s)->min_reauth_time + 1);
|
||||
sleep(GETCONFIG(s)->ban_time + 1);
|
||||
|
||||
if (check_if_banned_str(s, "192.168.1.1") != 0) {
|
||||
fprintf(stderr, "error in %d\n", __LINE__);
|
||||
@@ -171,7 +171,7 @@ int main(void)
|
||||
}
|
||||
|
||||
/* check cleanup */
|
||||
sleep(GETCONFIG(s)->min_reauth_time + 1);
|
||||
sleep(GETCONFIG(s)->ban_time + 1);
|
||||
|
||||
cleanup_banned_entries(s);
|
||||
|
||||
|
||||
@@ -105,10 +105,6 @@ auth-timeout = 40
|
||||
# before being disconnected. Unset to disable.
|
||||
#idle-timeout = 5
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -100,10 +100,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -7,6 +7,7 @@ auth = "plain[@SRCDIR@/data/test1.passwd]"
|
||||
|
||||
isolate-workers = @ISOLATE_WORKERS@
|
||||
|
||||
#ban-time = 300
|
||||
max-ban-score = 50
|
||||
ban-reset-time = 10
|
||||
ban-points-wrong-password = 10
|
||||
@@ -107,10 +108,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -135,10 +135,6 @@ auth-timeout = 40
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -113,10 +113,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -113,10 +113,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -140,10 +140,6 @@ auth-timeout = 40
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
|
||||
@@ -141,10 +141,6 @@ auth-timeout = 40
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
|
||||
@@ -136,13 +136,9 @@ auth-timeout = 40
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Banning clients in ocserv works with a point system. IP addresses
|
||||
# that get a score over that configured number are banned for
|
||||
# min-reauth-time seconds. By default a wrong password attempt is 10 points,
|
||||
# ban-time seconds. By default a wrong password attempt is 10 points,
|
||||
# a KKDCP POST is 1 point, and a connection is 1 point. Note that
|
||||
# due to difference processes being involved the count of points
|
||||
# will not be real-time precise.
|
||||
@@ -153,6 +149,10 @@ auth-timeout = 40
|
||||
# Set to zero to disable.
|
||||
max-ban-score = 40
|
||||
|
||||
# The duration (in seconds) an IP address remains banned
|
||||
# after exceeding max-ban-score.
|
||||
#ban-time = 300
|
||||
|
||||
# The time (in seconds) that all score kept for a client is reset.
|
||||
ban-reset-time = 300
|
||||
|
||||
|
||||
@@ -136,10 +136,6 @@ auth-timeout = 40
|
||||
# traffic) before being disconnected. Unset to disable.
|
||||
#mobile-idle-timeout = 2400
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -101,9 +101,9 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
min-reauth-time = 20
|
||||
# The duration (in seconds) an IP address remains banned
|
||||
# after exceeding max-ban-score.
|
||||
ban-time = 20
|
||||
|
||||
max-ban-score = 50
|
||||
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -113,10 +113,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -108,10 +108,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -113,10 +113,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -110,10 +110,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -104,10 +104,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,9 +103,9 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
min-reauth-time = 20
|
||||
# The duration (in seconds) an IP address remains banned
|
||||
# after exceeding max-ban-score.
|
||||
ban-time = 20
|
||||
|
||||
max-ban-score = 50
|
||||
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -99,9 +99,9 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
min-reauth-time = 20
|
||||
# The duration (in seconds) an IP address remains banned
|
||||
# after exceeding max-ban-score.
|
||||
ban-time = 20
|
||||
|
||||
max-ban-score = 9999999
|
||||
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -112,10 +112,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -111,10 +111,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ auth-timeout = 40
|
||||
# before being disconnected. Unset to disable.
|
||||
#idle-timeout = 5
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -102,10 +102,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -106,10 +106,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -108,10 +108,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -108,10 +108,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -105,10 +105,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -101,10 +101,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
@@ -103,10 +103,6 @@ tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
|
||||
# The time (in seconds) that a client is not allowed to reconnect after
|
||||
# a failed authentication attempt.
|
||||
#min-reauth-time = 2
|
||||
|
||||
# Script to call when a client connects and obtains an IP
|
||||
# Parameters are passed on the environment.
|
||||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
|
||||
|
||||
Reference in New Issue
Block a user